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DETAILED ACTION 

Continued Examination Under 3 7 CFR LI 14 

1 . A request for continued examination under 37 CFR 1 . 1 14, including the fee set forth in 
37 CFR 1 .17(e), was filed in this application after final rejection. Since this appUcation is 
eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1 .17(e) 
has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 
37 CFR 1.114. AppUcant's submission filed on 5/30/2006 has been entered. 

Response to Arguments 

2. In response to communications filed on 5/30/2006, appUcant amends claims 15, and 29. 
The following claims 15-34 are presented for examination. 

2. 1 In response to communications filed on 5/30/2006, the 1 12^ rejection of claim 15 has 
been withdrawn with respect to AppUcant's amendment of claim 15. 

2.2 Applicant's remarks, pages 8-9, filed on 5/30/2006, with respect to the rejection of claims 
15-34 have been fially considered but they are not persuasive. AppUcant's arguments do not 
comply with 37 CFR 1 . 1 1 1(c) because they do not clearly point out the patentable novelty which 
he or she thinks the claims present in view of the state of the art disclosed by the references cited 
or the objections made. Further, they do not show how the amendments avoid such references or 
objections. Claims 15 have been amended to include some of the Umitations of claim 29. Upon 
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further consideration claims 15-34 are still rejected in view of the same references, and 
additional references disclosing the amendment are provided. 

Claim Objections 

3. Claim 19 is objected to because it is a substantial dupUcate of another claim. Applicant is 
advised that should claim 18 be found allowable, claim 19 will be objected to under 37 CFR 1.75 
as being a substantial duplicate thereof When two claims in an application are dupUcates or else 
are so close in content that they both cover the same thing, despite a slight difference in wording, 
it is proper after allowing one claim to object to the other as being a substantial duphcate of the 
allowed claim. See MPEP § 706. 03 (k). 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject matter 
sought to be patented and the prior art are such that the subject matter as a whole would have 
been obvious at the time the invention was made to a person having ordinary skill in the art to 
which said subject matter pertains. Patentability shall not be negatived by the manner in which 
the invention was made. 
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Claims 15-17, 30, and 32 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
US Patent 5,063,596 to Dyke in view of IBM Technical Disclosure Bulletin, Cryptographic 
Microcode Loading Controller for Secure Function, September 1991, NB910934, Pages 1-5. 

As per claim 15, Dyke substantially discloses an encryption circuit (1) for simultaneously 
processing various encryption algorithms, the encryption circuit adapted to be coupled with a 
host computer system comprising: an input/output module including a microcontroller and 
memory, that handles data exchanges between the host system and the circuit via a dedicated 
bus, for example (see column 3, lines 55-65 and figure 1); an encryption module coupled with 
the input/output module said encryption module controlling encryption and decryption 
operations, as well as storage of all sensitive information of the circuit, for example (see column 
4, line 65 through column 5, line 14 and column 13, lines 20-30); and isolation means 
comprising of a dual-port memory between the input/output module and the encryption module, 
for making the sensitive information stored in the encryption module inaccessible to the host 
system, for example (see column 4, lines 24-40 and column 2, lines 30-53 and column 14, lines 
4-27). Dyke discloses a dual-port memory coupled with an input/output module and an 
encryption module performing parallel processing and a dual-port memory being coupled to a 
first bus and adapted to simultaneously handle the exchange of data, commands and statuses 
between the input/output and encryption modules and providing means of isolating the 
input/output module and the encryption module (see also column 12, lines 4-10 and column 12, 
lines 40-45). Dyke discloses the input/output module further including a flash memory and a 
static random access memory, the flash memory storing the code for a processor in the 
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microcontroller, (see column 12, lines 29-60). Dyke discloses a processor for having access to 
both RAM and ROM memory during initialization but does not specifically states copying 
copying contents of the flash memory into the static random access memory (see column 5, Unes 
5-13 and column 8, lines 10-32). It is obvious to one of ordinary skill in the art that the 
encryption circuit of Dyke comprises processor adapted for copying contents from flash memory 
into the static random access memory during startup because data in a flash memory does not 
erase during power-off as known in the art. IBM Technical Disclosure Bulletin discloses a 
single-chip microcontroller comprising flash memory, data RAM memory, and CMOS memory. 
The ROM stores microcode to be used by a microprocessor and during startup, the microcode is 
loaded into a RAM because in this way the microcontroller can control the boot-up process and 
protect the microcode then the microcode can be loaded into the Ram where the code will 
actually be executed or decryption will take place. Therefore, it would have been obvious to one 
of ordinary skill in the art of computer security at the time the invention was made to modify 
Dyke to provide copying contents from flash memory into the static random access memory 
during startup. One of ordinary skill in the art would have been motivated to do so because it 
provides a way to protect the microcode and renders control of the boot up process to the 
microcontroller then the microcode can be loaded into the Ram where the code will actually be 
executed or decryption will take place if the data is encrypted. 

As per claim 16, Dyke discloses the claimed circuit of claim 15 and further discloses 
wherein the isolation means comprises a dual-port memory (see also column 12, lines 4-10 and 
column 12, lines 40-45). 
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As per claim 17, Dyke discloses the claimed circuit of claim 15 and further discloses a 
dual-port memory coupled with an input/output module and an encryption module performing 
parallel processing and a dual-port memory being coupled to a first bus and adapted to 
simultaneously handle the exchange of data, commands and statuses between the input/output 
and encryption modules and providing means of isolating the input/output module and the 
encryption module (see also column 12, lines 4-10 and column 12, lines 40-45). 

As per claim 30, the combined references disclose the claimed circuit of claim 15. Dyke 
discloses a key interface independent of the interface of the link with the host computer that 
meets the recitation of a serial Unk, which is independent of the dedicated PCI bus, said link 
adapted to be controlled by the encryption module, for example (see column 3, Une 65 through 
column 4, line 22). Dyke discloses a device capable of preventing linking together of different 
files in storage (column 2, lines 6-20). 

As per claim 32, Dyke discloses the Umitation of including a card supporting the circuit 
(column 3, lines 51-53). 

5. Claims 18-29, 31, and 33-34 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over US Patent 5,063,596 to Dyke in view of IBM Technical Disclosure Bulletin, Cryptographic 
Microcode Loading Controller for Secure Function, September 1991, NB910934, Pages 1-5 as 
appUed to claims 15-17 and further in view of US Patent 6,021,201 to Bakhle et al. 
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As per claims 18-20, both references disclose the claimed encryption circuit of claims 15- 
17. Dyke does not explicitly disclose a CMOS memory which is coupled with the dual-port 
memory (4) via the first bus of the dual-port memory containing the encryption keys, for 
example (see column 6, lines 5-21), which is well known in the art. These elements are well 
known in the art in a security device and can be implemented by the invention disclosed in Dyke. 
IBM Technical Disclosure Bulletin supports well known art by disclosing a single-chip 
microcontroller comprising flash memory, data RAM memory, and CMOS memory. This 
bulletin further uses a CMOS memory to store security keys because it has the advantage to 
make probing and examination more difficult in attempt of removal as the CMOS' s is sensitive 
to light and static charge. In addition the RAMs could be backed with a battery when the system 
was unpowered. Therefore, it would have been obvious to one of ordinary skill in the art of 
computer security at the time the invention was made to modify the circuit of Dyke to provide a 
CMOS memory coupled with the dual-port memory via the first bus of the dual-port memory 
containing the encryption keys as taught in IBM Technical Disclosure Bulletin. This 
modification would have been obvious because one skilled in the art would have been motivated 
to do so in order to make probing and examination more difficult in attempt of removal and the 
other advantage would be that the RAMs could be backed with a battery when the system was 
unpowered. 

Both references disclose processing DBS algorithm but do not explicitly disclose 
processing various encryption algorithms. Bakhle et al in an analogous art discloses an 
input/output module including a microcontroller and memory (see figure 1), a first encryption 
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sub-module, dedicated to the processing of symmetric encryption algorithms and being coupled 
with the first bus of the dual port memory, for example (see column 5, Hnes 14-67 and figure 3); 
a second encryption sub-module, dedicated to the processing of asymmetric encryption 
algorithms and being coupled with a first bus of a dual-port memory and including a separate 
internal second bus isolated from the first bus of the dual-port memory, performing parallel 
processing for example (see column 5, lines 14-67 and see figure 3). Therefore, it would have 
been obvious to one of ordinary skill in the art at the time the invention was made to modify the 
encryption circuit as combined above to provide a first encryption module and second encryption 
module for simultaneously performing various encryption algorithms (column 5, lines 14-67) as 
taught by Bakhle et al. This modification would have been obvious because one of ordinary 
skill in the art would have been motivated by the suggestions provided by Bakhle et al to 
provide a cryptographic device capable of performing cryptographic operations in different 
formats and while one type of operation is being performed another type can be performed 
concurrently or in parallel, for instance one cipher processor can operate on data having a first 
size whereas another processor can operate on a second block size (column 5, lines 14-27 and 
column 1, lines 32-45). 

As per claim 21, Dyke teaches isolating means for making keys inaccessible to the host 
system and isolating means for performing parallel processing (column 12, lines 5-45). Bakhle 
et aL discloses the limitation of an encryption circuit characterized in that the first encryption 
sub-module comprises an encryption component coupled with the dual-port memory via the first 
bus of the memory, comprising various encryption automata, respectively dedicated to the 
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processing of symmetric encryption algorithms, and in that the second encryption sub-module 
comprises at least two encryption processors, respectively dedicated to the processing of 
asymmetric encryption algorithms, coupled with the encryption module via the internal second 
bus of the second sub-module, for example (see column 5, lines 14-67 and see figures 3 and 6 
with description); and discloses a control unit comprises a security unit that control input and 
output and use buses separating from the dual port bus (see figures 3-6 with description and 
table 2, column 8; column 13, lines 10 et seq.) that meets the recitation of and a bus isolator for 
isolating the second bus from the first bus of the dual port memory. Bakhle et al discloses that 
the cipher and the hash unit can be implemented with specific dedicated hardware components 
known in the art for processing of asymmetric and symmetric algorithms (see end of column 5). 
Therefore, claim 21 is rejected on the same rationale as the rejection of claim 18 above. 



As per claims 22-23, and 25, Bakhle et al. discloses the limitation of an encryption 
circuit characterized in that one of the two encryption processors is of the CIP type, and in that 
the other of the two encryption processors is of the ACE type, for example (see column 5, lines 
50-67). Bakhle et al. discloses that the cipher and the hash unit can be implemented with 
specific dedicated hardware components known in the art for processing of asymmetric and 
symmetric algorithms (see end of column 5). Having both processors CEP type is a design 
choice. Therefore, these claims are rejected on the same rationale as the rejection of claim 18 
above. 
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As per claims 24 and 26, Bakhle et al. does not explicitly disclose that one of the 
processors and the encryption component comprise a FPGA. Bakhle et al. discloses input 
output buffer arrays, for example (see column 9, lines 55 et seq.) and also discloses that the 
cipher and the hash unit can be implemented with specific dedicated hardware components 
known in the art for processing of asymmetric and symmetric algorithms (see end of column 5). 
It is apparent to one skilled in the art that the units disclosed by Bakhle et al. can comprise 
FPGA without departing from the spirit and scope of the invention as such unit and component 
are also well known in the art. Therefore, these claims are rejected on the same rationale as the 
rejection of claim 18 above. 

As per claim 27, the combined references above disclose the claimed circuit of claim 26, 
Dyke also discloses encryption circuit comprises of PROM and SRAM (column 5, lines 1-15). 

As per claim 28, the combined references above disclose the claimed circuit of claim 21. 
Dyke further discloses security mechanisms adapted to trigger a reset mechanism of memory 
(see column 8, lines 25-32 and lines 63-67). IBM bulletin further uses a CMOS memory to store 
security keys. Therefore, claim 28 is rejected on the same rationale as the rejection of claim 18 
above. 



As per claim 29, Dyke substantially discloses an encryption circuit wherein the 
microcontroller comprises an input/output processor and a PCI interface for executing the data 
transfers between the host system and the circuit (column 3, lines 55-67; column 4, lines 8-40). 



Application/Control Number: 09/706,728 Page 1 1 

Art Unit: 2136 

Bakhle et al discloses an encryption circuit wherein a microcontroller comprises: an input/output 
processor and a PCI interface and a flash memory; integrating DMA channels responsible for 
executing the data transfers between the host system and the circuit, for example (see column 4, 
lines 26-67 and column 5, lines 34-44); 

a flash memory containing the code of the input/output processor and a PCI interface, 
integrating DMA channels responsible for executing the data transfers between the host system 
and the circuit, for example (see column 4, lines 26-67); a flash memory containing the code of 
the input/output processor , for example (see column 4, lines 38-42); and an SRAM memory that 
receives a copy of the contents of the flash memory upon startup of the input/output processor, 
for example (see column 4, lines 26-67). Bakhle et al discloses instructions in the memory 
subsystem for the processors and examples of memory devices and the like that can be 
implemented with the I/O module, such examples include DRAM, ROM, VRAM and the hke. 
Claim 29 is rejected on the same rationale as the rejection of claim 18 above. 

As per claim 3 1, the combined references disclose the claimed circuit of claim 15. Dyke 
discloses a key interface independent of the interface of the link with the host computer that 
meets the recitation of a serial link, which is independent of the dedicated PCI bus, said link 
adapted to be controlled by the encryption module, for example (see column 3, line 65 through 
column 4, Une 22). Dyke discloses a device capable of preventing linking together of different 
files in storage (column 2, Unes 6-20). (See also Bakhle et al, column 12, line 48 through 
column 13, line 10). Claim 31 is rejected on the same rationale as the rejection of claim 18 
above. 
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As per claims 33-34, Dyke discloses the limitation of including a card supporting the 
circuit (column 3, lines 51-53). 
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